
Learn through the super-clean Baeldung Pro experience:
>> Membership and Baeldung Pro.
No ads, dark-mode and 6 months free of IntelliJ Idea Ultimate to start with.
Last updated: March 18, 2024
The Domain Name System (DNS) is the phonebook of the Internet. DNS is a hierarchical and distributed naming system for computers, services, and other resources on the Internet. Furthermore, it’s partitioned into several different zones called DNS zones, where each zone is used to host the records for a particular domain.
In this tutorial, we’ll learn how to use the dig command to list all DNS records in a domain.
All computers on the Internet find and communicate with one another by using IP addresses. Moreover, DNS translates domain names into IP addresses so computers can communicate with each other.
A DNS record is an entry in a DNS database that maps a domain name to an IP address. In addition, it provides additional routing and resolution information about a domain.
Every DNS record has a type that defines the content of the record. Furthermore, there are many different types of DNS records, and most of them are used only occasionally. However, only a couple of record types are used frequently. Common DNS record types are:
Now, let’s look at an A record entry:
yahoo.com. 1452 IN A 74.6.231.20
Thus, this record shows the IP addresses associated with the domain name yahoo.com.
The dig (Domain Information Groper) command obtains DNS-related information for a given domain. It performs DNS lookups by querying name servers and displays the results concerning the various DNS records it finds.
The dig utility is available on Linux and macOS. Most Linux distributions include it by default so that we can use it immediately. If it isn’t installed, we can install it from the command line.
To install it in Debian-based Linux systems, we can use the apt package manager:
$ sudo apt-get install dnsutils
For Fedora-based distributions, we can use the yum package manager:
$ sudo yum install bind-utils
Let’s look at the dig command’s syntax:
$ dig [server] [name] [type]
The [server] argument is the IP address or hostname of the name server to query. It’s optional, and if we don’t provide one, then dig uses the name server listed in /etc/resolv.conf. The [name] argument is the name of the resource record that is to be looked up, and [type] is the type of query requested by dig.
For example, type can be an A record or any other type. By default, the dig command performs a lookup for the A record if no type argument is determined.
Now, let’s perform a DNS lookup for a domain name by passing the name along with the dig command:
$ dig yahoo.com
; <<>> DiG 9.18.1-1ubuntu1.3-Ubuntu <<>> yahoo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42357
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
...
;; ANSWER SECTION:
yahoo.com. 5 IN A 74.6.143.25
yahoo.com. 5 IN A 74.6.231.21
yahoo.com. 5 IN A 98.137.11.163
yahoo.com. 5 IN A 74.6.143.26
yahoo.com. 5 IN A 74.6.231.20
yahoo.com. 5 IN A 98.137.11.164
The output contains the A records and other information like the installed dig version, technical details about the results, and statistics about the query, along with a few other items.
To list all DNS records in the domain zone, we use the type any switch of dig:
$ dig [name] any
For instance, let’s find all DNS records for yahoo.com:
$ dig yahoo.com any
Let’s see the output:
;; ANSWER SECTION:
yahoo.com. 117920 IN NS ns5.yahoo.com.
yahoo.com. 117920 IN NS ns1.yahoo.com.
yahoo.com. 117920 IN NS ns4.yahoo.com.
yahoo.com. 117920 IN NS ns2.yahoo.com.
yahoo.com. 117920 IN NS ns3.yahoo.com.
yahoo.com. 1287 IN MX 1 mta6.am0.yahoodns.net.
yahoo.com. 1287 IN MX 1 mta5.am0.yahoodns.net.
yahoo.com. 1287 IN MX 1 mta7.am0.yahoodns.net.
yahoo.com. 1452 IN A 74.6.231.20
yahoo.com. 1452 IN A 74.6.231.21
yahoo.com. 1452 IN A 74.6.143.26
yahoo.com. 1452 IN A 74.6.143.25
yahoo.com. 1452 IN A 98.137.11.164
yahoo.com. 1452 IN A 98.137.11.163
In the above example, we queried all DNS records for the domain yahoo.com using the type any. There, we see that the name servers for yahoo.com are ns1.yahoo.com through ns5.yahoo.com.
Moreover, if the any option isn’t working with the dig command, we can list specific types of DNS records one by one.
We can use the name of the DNS record we want to view along with the dig command. For example, let’s display all the IPv4 addresses associated with the yahoo.com domain:
$ dig yahoo.com A
; <<>> DiG 9.18.18-0ubuntu2.1-Ubuntu <<>> yahoo.com A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48593
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;yahoo.com. IN A
;; ANSWER SECTION:
yahoo.com. 1778 IN A 98.137.11.163
yahoo.com. 1778 IN A 74.6.143.26
yahoo.com. 1778 IN A 74.6.143.25
yahoo.com. 1778 IN A 74.6.231.20
yahoo.com. 1778 IN A 74.6.231.21
yahoo.com. 1778 IN A 98.137.11.164
...output truncated...
Similarly, let’s see the mail servers that are responsible for receiving mail for the yahoo.com domain:
$ dig yahoo.com MX
;; ANSWER SECTION:
yahoo.com. 1800 IN MX 1 mta5.am0.yahoodns.net.
yahoo.com. 1800 IN MX 1 mta6.am0.yahoodns.net.
yahoo.com. 1800 IN MX 1 mta7.am0.yahoodns.net.
...output truncated...
Furthermore, we can also list multiple DNS records together using a script:
for type in A AAAA MX NS TXT ; do
dig yahoo.com $type
done
Here, the script displays the IPv4, IPv6, mail servers, DNS servers, and text associated with yahoo.com.
DNS records of various types provide important information about a hostname or domain. In this article, we learned how to list all DNS records for a domain using the dig command.